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What is claimed is: 

1 . A method of authenticating an entity by solely conducting message authentication 
by a receiving party with respect to an electronic communication that is received 
by the receiving party and that includes both a unique identifier associated with an 
account maintained by the receiving party and a digital signature for a message 
regarding the account, consisting of the steps of: 

(a) before receipt of the electronic communication, first associating a 
public key of a public-private key pair with the unique identifier by 
the receiving party; and thereafter 

(b) solely using the digital signature in the electronic communication 
and the public key associated with the account identifier to conduct 
message authentication, 

whereby the entity is authenticated solely by the message authentication. 

2. A method of operating by a third party a database for accounts, information 
pertaining to each account being retrievable from the database based on a unique 
identifier for that account, comprising the steps of: 

(a) first associating by the third party a public key of a respective public-private 
key pair with each unique account identifier, and thereafter 

(b) performing entity authentication by the third party with respect to an 
electronic communication that is received by the third party and that 
includes both a unique account identifier and a digital signature for a 
message regarding the account associated with the unique account 
identifier, the entity authentication consisting of solely conducting message 
authentication only using the digital signature received in each electronic 
communication and the public key associated with the unique account 
identifier accompanying the digital signature. 

3. The method of claim 2, wherein the third party is an account authority. 

4. The method of claim 2, wherein the third party is a financial institution. 

5. The method of claim 3, wherein one of the public keys associated with an account 
is obtained from an account holder for that account. 

6. The method of claim 3, wherein a public key associated with an account is 
obtained from a manufacturer of a device that generates digital signatures using 
the corresponding private key. 

7. The method of claim 3, wherein a public key associated with an account is 
obtained from a distributor of a device that generates digital signatures using the 
corresponding private key. 
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8. The method of claim 2, wherein said step of associating a public key with a unique 
account identifier comprises recording the public l<ey in a record of the account. 

9. The method of claim 2, wherein said step of associating a public key with a unique 
account identifier comprises Indexing a record of the account in an account 

5 database by the public key. 

10. The method of claim 2, wherein the information includes an account number. 

1 1 . The method of claim 2, wherein the information includes a current balance. 

12. The method of claim 2, wherein the information includes an available credit. 

13. The method of claim 2, wherein the information includes a list of associated 
10 accounts. 

14. The method of claim 2, wherein the information includes a name of an account 
holder. 

1 5. The method of claim 2, wherein the information includes an address of an account 
holder. 

- 15 16. The method of claim 2, wherein the information includes a social security number 
of an account holder. 

17. The method of claim 2, wherein the information includes a tax identification 
number of an account holder. 

18. The method of claim 2, wherein the information regards a device containing a 
20 private key corresponding to the public key. 

19. The method of claim 2, wherein the information includes security features of a 
device. 

20. The method of claim 2, wherein a digital signature is generated within a device. 

21 . The method of claim 20, wherein the device comprises a personal computer. 
25 22. The method of claim 20, wherein the device comprises a cell phone. 

23. The method of claim 20, wherein the device comprises a PDA. 

24. The method of claim 20, wherein the device comprises an electronic key. 

25. The method of claim 20, wherein the device comprises a dongle. 

26. The method of claim 20, wherein the device comprises a subcutaneous device. 
30 27. The method of claim 20, wherein the device comprises a secure chip. 

28. The method of claim 20, wherein the device comprises jewelry. 

29. The method of claim 20, wherein the device comprises a smart card. 

30. The method of claim 20, wherein the device comprises a credit card. 

31 . The method of claim 20, wherein the device comprises a debit card. 
35 32. The method of claim 20, wherein the device comprises a security card. 

33. The method of claim 20, wherein the device comprises an ID badge. 
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The method of claim 20, wherein the device performs entity authentication based 
on what the entity using the device to generate the digital signature "knows" as a 
function of verification data input into the device and data prestored within the 
device, and communicating a verifications status of the entity authentication to the 
third party without revealing the verification data or the prestored data. 
The method of claim 20, wherein the device performs entity authentication based 
on what the entity using the device to generate the digital signature "knows" as a 
function of verification data input into the device and data prestored within the 
device, and communicating to the third party a verifications status out of a plurality 
of predefined verification statuses regarding entity authentication, at least one of 
the verification statuses representing a match between the verification data and 
the prestored data, and at least another of the verification statuses representing 
no match between the verification data and the prestored data. 
The method of claim 20, wherein the device performs entity authentication based 
on what the entity using the device to generate the digital signature "is" as a 
function of verification data input into the device and data prestored within the 
device, and communicating a verifications status of the entity authentication to the 
third party without revealing the verification data or the prestored data. 
The method of claim 2, wherein a public-private key pair is generated on behalf of 
the third party. 

The method of claim 2, wherein the public-private key pair is generated on behalf 
of an account holder, and the public key is communicated to the third party for 
association with the account. 

The method of claim 38, wherein ownership of the account by the account holder 
is verified by the third party before associating the public key with the account. 
The method of claim 2, wherein the third party maintains one of the accounts for a 
sender of a particular one of the electronic communications. 
The method of claim 40, wherein the particular electronic communication is 
transmitted to the third party directly from the sender. 

The method of claim 40, wherein the particular electronic communication is 
transmitted to the third party from an intermediate party. 

The method of claim 40, wherein a message of a particular one of the electronic 
communications represents an instruction from the sender. 

The method of claim 43, further comprising executing the instruction upon 
successful authentication of the message associated with the particular electronic 
communication. 
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The method of claim 44, wherein said step of executing the instruction is 
performed by the third party. 

The method of claim 43, wherein the instruction is an instruction on the account of 
the sender. 

The method of claim 46, wherein the account instruction is executed upon 
successful authentication of the message. 

The method of claim 47, wherein execution of the instruction is performed based 
solely on the successful authentication of the electronic message. 
The method of claim 47, wherein execution of the instruction comprises 
communicating a balance of the account. 

The method of claim 47, wherein execution of the instruction comprises debiting 
the account by a specified amount. 

The method of claim 47, wherein execution of the instruction comprises crediting 
the account by a specified amount. 

The method of claim 47, wherein execution of the instruction comprises 
transferring funds to another account. 

The method of claim 47, wherein execution of the instruction comprises granting 
access to a database. 

The method of claim 47, wherein execution of the instruction comprises granting 
access to a physical location such as a room, building, parking deck, and web 
site. 

The method of claim 47, wherein execution of the instruction comprises granting 
access to a data transmission such as pay per view, music download, and web 
broadcast. 

The method of claim 47, wherein execution of the instruction comprises providing 
a product. 

The method of claim 47, wherein execution of the instruction comprises providing 
a service. 

The method of claim 47, wherein execution of the instruction comprises making a 
monetary payment from the account. 

The method of claim 47, wherein execution of the instruction comprises 
transferring something of monetary value from the account. 
The method of claim 47, wherein execution of the instruction comprises 
transferring a security from the account. 

The method of claim 47, wherein execution of the instruction comprises 
authorizing a charge to the account. 
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62. The method of claim 47, wherein execution of the Instruction comprises 
transferring information from the account. 

63. The method of claim 2,wherein an electronic communication is transmitted over 
an open and Insecure communications medium. 

5 64. The method of claim 63, wherein the communications medium comprises the 
Internet. 

65. The method of claim 63, wherein the electronic communication is not encrypted. 

66. The method of claim 63, wherein the electronic communication includes no 
personal information regarding an entity for which the account is maintained. 

10 67. The method of claim 63, wherein the electronic communication Includes no 
account-identifying Information other than the unique identifier of the account. 
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A method of making a financial payment by a first party to a second party on an 
account of the first party maintained by a third party, information pertaining to the 
account of the first party being retrievable from a database of the third party based 
on a unique identifier for that account, the method comprising the steps of: 

(a) associating by the third party a public key of a public-private key pair with 
the unique account identifier; 

(b) digitally signing by the first party a message including an instruction to 
make payment to the second party on the account of the first party, the 
digital signature being generated with a public key of the public-private key 
pair; 

(c) communicating by the first party the message and digital signature in a first 
electronic communication to the second party; 

(d) communicating by the second party the message and digital signature In a 
second electronic communication to the third party; and 

(e) upon receipt of the second electronic communication from the second 
party, performing by the third party entity authentication with respect to the 
first party, the entity authentication consisting of solely conducting 
message authentication using only said generated digital signature and the 
public key associated with the unique account identifier of the first party. 

The method of claim 68, wherein the first and second electronic communications 
each includes the unique account identifier of the first party, and wherein the third 
party utilizes the unique account identifier received in the second electronic 
communication to retrieve the public key of the first party for authenticating the 
message of the second electronic communication. 

The method of claim 68, wherein the unique account identifier of the first party 
comprises the public key of the first party. 

The method of claim 68, wherein the public key of the first party is included in the 
first electronic communication. 

The method of claim 71 , wherein the public key of the first party is included in the 
second electronic communication. 

The method of claim 72, wherein the second electronic communication includes a 
digital signature of the second party for a message of the second party. 
The method of claim 73, wherein the message of the second party comprises 
instructions for making payment to the second party from the account of the first 
party maintained by the third party. 

The method of claim 73, wherein the second electronic communication includes a 
public key of the second party that may be used to decrypt the digital signature. 
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The method of claim 68, wherein the third party makes payment to the second 
party on the account of the first party upon successful message authentication. 
The method of claim 68, wherein the third party communicates an electronic 
communication to the second party authorizing the instructed payment to the 
second party on the account of the first party. 

The method of claim 68, wherein the second party provides a service for the first 
party upon the learning of a successful authentication of the message by the third 
party. 

The method of claim 68, wherein the second party provides a product to the first 
party upon the learning of a successful authentication of the message by the third 
party. 

The method of claim 68, wherein the message includes an additional instruction. 

The method of claim 80, wherein the second party executes the additional 

instruction upon successful execution by the third party of the instruction. 

The method of claim 81, wherein the instruction executed by the third party 

comprises payment to an account of the intermediate party. 

The method of claim 82, wherein the additional instruction is sent in another 

electronic communication from the first party to the second party. 

The method of claim 82, wherein the additional instruction is included in the 

electronic communication sent from the first party to the second party. 

The method of claim 84, wherein the additional instruction is removed by the 

second party from the electronic communication and wherein the electronic 

communication is then forwarded by the second party to the third party. 

The method of claim 68, wherein the third party is a financial institution. 

The method of claim 68, wherein the second party is a merchant. 



